Allow service users with user role read-only access to all resources (#1484)

We allow service users with the user role read-only access
to all resources, so users can create service users and propagate
PATs without having to give full admin permissions.
pascal-fischer
2024-01-25 09:50:27 +01:00
committed by GitHub
parent 4771fed64f
commit 399493a954
17 changed files with 72 additions and 35 deletions


@@ -991,7 +991,7 @@ func (am *DefaultAccountManager) GetUsersFromAccount(accountID, userID string) (
// in case of self-hosted, or IDP doesn't return anything, we will return the locally stored userInfo
if len(queriedUsers) == 0 {
for _, accountUser := range account.Users {
if !user.HasAdminPower() && user.Id != accountUser.Id {
if !(user.HasAdminPower() || user.IsServiceUser || user.Id == accountUser.Id) {
// if user is not an admin then show only current user and do not show other users
continue
}
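Review bot: The comment under the changed check in the `accountUser` loop, `if user is not an admin then show only current user and do not show other users`, no longer matches the code: with `user.IsServiceUser` in the condition, every service user is also shown all users of the account, and the check itself does not look at the service user's role. I would reword it to something like `// only admins and service users may list other users; everyone else sees only themselves`, so the widened access reads as deliberate. The same stale comment sits under the changed check in the `localUser` loop of the next hunk, which is written in a different but logically equivalent form (`!(A || B) && id != ...`); using one form in both places would make the two checks easier to audit together. Because a PAT issued to a user-role service user can now enumerate the account's users, it is worth confirming that the user info assembled further down in `GetUsersFromAccount`, outside this hunk, contains only fields intended for read-only callers.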
@@ -1005,7 +1005,7 @@ func (am *DefaultAccountManager) GetUsersFromAccount(accountID, userID string) (
}
for _, localUser := range account.Users {
if !user.HasAdminPower() && user.Id != localUser.Id {
if !(user.HasAdminPower() || user.IsServiceUser) && user.Id != localUser.Id {
// if user is not an admin then show only current user and do not show other users
continue
}